http://www.post-gazette.com/pg/08072/864263-28.stm By Joyce Gannon Pittsburgh Post-Gazette March 12, 2008 Greg Wilkinson, vice president, public and government affairs, at Nova Chemicals Corp., is spending much of his time this week playing cyber war games -- on company time. So is Betsy Mallison Bialosky, manager, corporate public relations, at PPG Industries. The communications specialists at those two local chemical companies have their bosses' blessings to "play" because Nova and PPG are participants in a global exercise being conducted by the U.S. Department of Homeland Security to measure how governments and the private sector would respond to a massive cyber security threat. The "game," dubbed Cyber Storm II and managed by Homeland Security in Washington, D.C., involves players from more than 40 companies in the information technology, transportation and chemical industries; 18 federal departments and agencies, including the departments of defense and justice; nine states; and government officials in the United Kingdom, Australia, Canada and New Zealand. Those involved in the coordinated simulation, estimated to cost $6.4 million, declined to disclose details of the "attacks" but Mr. Wilkinson said they would likely include components such as a natural disaster, technical failures and criminal and terrorist activities. "It's a crisis drill … to test our capabilities. It's designed to be a stretch. It escalates into a situation that would be complex for us to handle. And from that, we'll learn about our response capabilities," he said. Homeland Security, in a description of Cyber Storm II on its Web site, said, "The scenario will be executed by persistent, fictitious adversaries with a distinct political and economic agenda." The event, which took 18 months to plan, launched Monday and concludes Friday. Homeland Security staged its first Cyber Storm in 2006 in which it simulated attacks against the energy, airline, communications and information technology industries. The federal agency, created by the Bush administration after the Sept. 11 terrorist attacks, will assess the results and produce a follow-up report to "apply the lessons learned … to strengthen the nation's cyber security preparedness and response mechanisms," the agency said. Participants in this week's exercise are fielding a series of e-mails, faxes and other communications that inform them of simulated attacks to their technology, plants and infrastructure. They respond in real time to the situations and then face potential complications as the scenarios continue to unfold. "We'll expose our team members to what's going on, and we'll respond … as layers and layers of complexity are added to stretch and challenge our systems," said Mr. Wilkinson. PPG has about seven employees involved in the exercise, including one in Washington and others at its Downtown headquarters and facilities in Monroeville and Lake Charles, La. "As it progresses, we will pull more of the staff in as we would if it were a real emergency," said Ms. Mallison Bialosky. About 30 Nova employees are involved in the exercise at its executive center in Moon and facilities in Joffre, Alberta, and Sarnia, Ontario. Other players from the chemicals sector include Dow Chemical Co. and Air Products and Chemicals. Among the information technology industry participants are Microsoft Corp., Cisco Systems and McAfee Inc., the computer security firm. Nova and PPG became involved through the American Chemistry Council, which asked for members to volunteer for Cyber Storm II. "We said, 'Yes, absolutely,'" said Mr. Wilkinson. "A big part of the benefit for us so far has been in the preparation: building relationships, getting a better understanding of the capabilities of the Department of Homeland Security and their systems, and taking a critical look at our own capabilities and preparations: Who do you call? Are our lists and procedures up to date? Who makes the decisions?" Ms. Mallison Bialosky also serves on the public affairs committee for the event, a role in which she helped develop some of the attack scenarios. "I'm in a unique position as an observer and a player. I'm watching how [PPG] responds, but I'm also playing as if there were an incident." Copyright ©1997 - 2008 PG Publishing Co., Inc. All Rights Reserved. ___________________________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Thu Mar 13 2008 - 00:21:45 PST